Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.03.2018
Ran by naylc (administrator) on AJKA (11-03-2018 15:31:33)
Running from C:\Users\naylc\Desktop
Loaded Profiles: naylc (Available Profiles: naylc & Administrator)
Platform: Windows 8.1 (Update) (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow64.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\naylc\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [217088 2014-06-06] (Realtek Semiconductor Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-02-05] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3409495467-2586683993-4265649639-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [50100160 2018-03-02] (Skype Technologies S.A.)
HKU\S-1-5-21-3409495467-2586683993-4265649639-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [571392 2013-08-22] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2018-03-10]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2018-03-10]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E441181E-3195-401A-8020-27CB6D93B0AC}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3409495467-2586683993-4265649639-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-3409495467-2586683993-4265649639-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-3409495467-2586683993-4265649639-1001 -> DefaultScope {70E73A98-E34D-4930-AE34-B51921C28C26} URL = 

FireFox:
========
FF ProfilePath: C:\Users\naylc\AppData\Roaming\Mozilla\Firefox\Profiles\WuTNrtfx.default [2018-03-10]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => not found
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-03-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-03-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\naylc\AppData\Local\Google\Chrome\User Data\Default [2018-03-11]
CHR Extension: (Prezentácie) - C:\Users\naylc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-10]
CHR Extension: (Dokumenty) - C:\Users\naylc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-10]
CHR Extension: (Disk Google) - C:\Users\naylc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-10]
CHR Extension: (YouTube) - C:\Users\naylc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-10]
CHR Extension: (Adobe Acrobat) - C:\Users\naylc\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-03-10]
CHR Extension: (Tabuľky) - C:\Users\naylc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-10]
CHR Extension: (Avira Browser Safety) - C:\Users\naylc\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-03-10]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\naylc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-10]
CHR Extension: (AdBlock) - C:\Users\naylc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\naylc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-03-10]
CHR Extension: (Gmail) - C:\Users\naylc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-10]
CHR Extension: (Chrome Media Router) - C:\Users\naylc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-10]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3409495467-2586683993-4265649639-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1136744 2018-02-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [492560 2018-02-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [492560 2018-02-22] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1533608 2018-02-22] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [449240 2018-02-05] (Avira Operations GmbH & Co. KG)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [94208 2014-05-06] () [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [315352 2014-05-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2014-08-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-08-21] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\siteadvisor\mcsacore.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2018-02-22] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [178840 2018-02-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [169864 2018-02-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2018-02-22] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2018-02-22] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [38048 2018-02-22] (Avira Operations GmbH & Co. KG)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [173384 2014-04-08] (ELAN Microelectronic Corp.)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [111336 2014-04-28] (GenesysLogic)
S3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
S3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [29464 2013-12-10] (Intel Corporation)
S3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [573144 2014-04-18] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [3468504 2014-05-22] (Realtek Semiconductor Corporation )
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [35856 2014-08-21] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [237400 2014-08-21] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [124760 2014-08-21] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-11 15:31 - 2018-03-11 15:33 - 000013031 _____ C:\Users\naylc\Desktop\FRST.txt
2018-03-11 15:30 - 2018-03-11 15:31 - 000000000 ____D C:\FRST
2018-03-11 15:29 - 2018-03-11 15:29 - 000112640 _____ (forum.viry.cz) C:\Users\naylc\Desktop\FRSTLauncher.exe
2018-03-11 15:26 - 2018-03-11 15:26 - 002403328 _____ (Farbar) C:\Users\naylc\Desktop\FRST64.exe
2018-03-11 15:20 - 2018-03-11 15:20 - 000112640 _____ (forum.viry.cz) C:\Users\naylc\Downloads\Nepotvrdené 212993.crdownload
2018-03-11 15:17 - 2018-03-11 15:17 - 000112640 _____ (forum.viry.cz) C:\Users\naylc\Downloads\Nepotvrdené 729002.crdownload
2018-03-11 06:50 - 2018-03-11 06:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-03-11 06:49 - 2018-03-11 06:49 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-11 06:49 - 2018-03-11 06:49 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-03-11 04:20 - 2018-03-11 04:23 - 000000000 ____D C:\AdwCleaner
2018-03-11 04:18 - 2018-03-11 04:18 - 008222496 _____ (Malwarebytes) C:\Users\naylc\Desktop\adwcleaner_7.0.8.0.exe
2018-03-10 22:26 - 2018-03-10 22:27 - 000000000 ____D C:\rsit
2018-03-10 22:26 - 2018-03-10 22:27 - 000000000 ____D C:\Program Files\trend micro
2018-03-10 22:26 - 2018-03-10 22:26 - 001329152 _____ C:\Users\naylc\Downloads\RSITx64.exe
2018-03-10 22:13 - 2018-03-10 22:13 - 000003292 _____ C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray
2018-03-10 22:13 - 2018-03-10 22:13 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2018-03-10 22:13 - 2018-02-22 10:58 - 000178840 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2018-03-10 22:13 - 2018-02-22 10:58 - 000169864 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2018-03-10 22:13 - 2018-02-22 10:58 - 000088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2018-03-10 22:13 - 2018-02-22 10:58 - 000060920 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2018-03-10 22:13 - 2018-02-22 10:58 - 000044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2018-03-10 22:13 - 2018-02-22 10:58 - 000038048 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2018-03-10 21:59 - 2018-03-10 21:59 - 000000000 ____D C:\Users\naylc\AppData\Roaming\Mozilla
2018-03-10 21:58 - 2018-03-10 22:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-03-10 21:58 - 2018-03-10 22:12 - 000000000 ____D C:\ProgramData\Avira
2018-03-10 21:58 - 2018-03-10 22:12 - 000000000 ____D C:\Program Files (x86)\Avira
2018-03-10 21:58 - 2018-03-10 21:58 - 000001172 _____ C:\Users\Public\Desktop\Avira.lnk
2018-03-10 21:57 - 2018-03-10 21:57 - 005571896 _____ (Avira Operations GmbH & Co. KG) C:\Users\naylc\Downloads\avira_en_av_5aa446a630f91__ws.exe
2018-03-10 21:54 - 2018-03-10 21:54 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2018-03-10 21:54 - 2018-03-10 21:54 - 000002297 _____ C:\Users\Public\Desktop\WinZip.lnk
2018-03-10 21:54 - 2018-03-10 21:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2018-03-10 21:53 - 2018-03-10 21:54 - 000000000 ____D C:\ProgramData\WinZip
2018-03-10 21:53 - 2018-03-10 21:53 - 000000000 ____D C:\Users\naylc\AppData\Local\WinZip
2018-03-10 21:53 - 2018-03-10 21:53 - 000000000 ____D C:\Program Files\WinZip
2018-03-10 21:51 - 2018-03-10 21:51 - 000000000 ____D C:\ProgramData\UniqueId
2018-03-10 21:50 - 2018-03-10 21:50 - 000685656 _____ (WinZip Computing, S.L.) C:\Users\naylc\Downloads\winzip19-home.exe
2018-03-10 21:50 - 2018-03-10 21:50 - 000000983 _____ C:\Users\Public\Desktop\WinRAR.lnk
2018-03-10 21:50 - 2018-03-10 21:50 - 000000000 ____D C:\Users\naylc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-03-10 21:50 - 2018-03-10 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-03-10 21:49 - 2018-03-10 21:50 - 000000000 ____D C:\Program Files (x86)\WinRAR
2018-03-10 21:49 - 2018-03-10 21:49 - 002090600 _____ C:\Users\naylc\Downloads\wrar540sk.exe
2018-03-10 21:45 - 2018-03-10 21:45 - 000000000 ____D C:\Users\naylc\AppData\Roaming\WildTangent
2018-03-10 20:30 - 2018-03-10 20:30 - 000000000 ____D C:\Users\naylc\AppData\Local\CEF
2018-03-10 20:29 - 2018-03-10 22:31 - 000004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-03-10 20:27 - 2018-03-10 20:27 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-03-10 20:27 - 2018-03-10 20:27 - 000002071 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2018-03-10 20:26 - 2018-03-10 20:26 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-03-10 20:21 - 2018-03-10 20:21 - 000001054 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-03-10 20:21 - 2018-03-10 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-03-10 20:21 - 2018-03-10 20:21 - 000000000 ____D C:\Program Files\VS Revo Group
2018-03-10 20:21 - 2015-12-20 15:56 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-03-10 20:21 - 2015-07-14 04:27 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2018-03-10 20:21 - 2014-10-29 03:29 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdchange.exe
2018-03-10 20:21 - 2014-10-29 03:00 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2018-03-10 20:21 - 2014-10-29 02:52 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msra.exe
2018-03-10 20:21 - 2014-10-29 02:48 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdchange.exe
2018-03-10 20:21 - 2014-10-29 02:26 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\racpldlg.dll
2018-03-10 20:19 - 2018-03-10 20:20 - 007189760 _____ (VS Revo Group ) C:\Users\naylc\Downloads\revosetup (1).exe
2018-03-10 20:19 - 2018-03-10 20:20 - 000000000 ____D C:\Users\naylc\AppData\Roaming\Skype
2018-03-10 20:19 - 2018-03-10 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-03-10 20:18 - 2018-03-10 20:30 - 000000000 ____D C:\Users\naylc\AppData\Local\Adobe
2018-03-10 20:18 - 2018-03-10 20:18 - 003100488 _____ (Safer-Networking Ltd.) C:\Users\naylc\Downloads\SDAntiBeacon-1.6.exe
2018-03-10 20:18 - 2016-02-04 18:24 - 000603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2018-03-10 20:18 - 2016-02-04 18:02 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2018-03-10 20:18 - 2015-07-16 19:58 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcdAutoSetup.dll
2018-03-10 20:16 - 2018-03-10 20:18 - 060252800 _____ (Skype Technologies S.A.) C:\Users\naylc\Downloads\Skype-8.17.0.2.exe
2018-03-10 20:13 - 2018-03-10 20:13 - 000001211 _____ C:\Users\Public\Desktop\TAXA - daňové priznania.lnk
2018-03-10 20:13 - 2018-03-10 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KROS
2018-03-10 20:13 - 2018-03-10 20:13 - 000000000 ____D C:\Program Files (x86)\Kros
2018-03-10 20:09 - 2018-03-10 20:09 - 000002336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-10 20:09 - 2018-03-10 20:09 - 000002295 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-10 20:09 - 2018-03-10 20:09 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2018-03-10 20:08 - 2018-03-10 20:09 - 000000000 ____D C:\Program Files (x86)\Google
2018-03-10 20:08 - 2018-03-10 20:08 - 000003330 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-03-10 20:08 - 2018-03-10 20:08 - 000003202 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-03-10 20:06 - 2018-03-10 20:25 - 000000000 ____D C:\Users\naylc\AppData\Local\Google
2018-03-10 20:06 - 2018-03-10 20:06 - 000000000 __SHD C:\Users\naylc\AppData\Local\EmieUserList
2018-03-10 20:06 - 2018-03-10 20:06 - 000000000 __SHD C:\Users\naylc\AppData\Local\EmieSiteList
2018-03-10 20:05 - 2018-03-10 20:06 - 000000000 ____D C:\Users\naylc\AppData\Local\Deployment
2018-03-10 20:05 - 2018-03-10 20:05 - 000000000 ____D C:\Users\naylc\AppData\Local\Apps\2.0
2018-03-10 07:46 - 2018-03-10 07:46 - 000262144 _____ C:\WINDOWS\system32\config\userdiff
2018-03-10 07:46 - 2018-03-09 23:51 - 000000000 ____D C:\Windows.old
2018-03-10 07:21 - 2018-03-10 07:21 - 000000000 ____D C:\$WINDOWS.~BT
2018-03-10 07:20 - 2018-03-09 23:30 - 000000000 ___HD C:\$SysReset
2018-03-09 23:45 - 2018-03-10 20:44 - 000003312 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2018-03-09 23:45 - 2018-03-09 23:45 - 000000000 ____D C:\Program Files\Common Files\AV
2018-03-09 23:28 - 2018-03-09 23:28 - 000001280 _____ C:\Users\naylc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Správca zvuku s vysokým rozlíšením.lnk
2018-03-09 23:21 - 2018-03-09 23:21 - 000000000 ____D C:\ProgramData\Apple
2018-03-09 23:20 - 2018-03-11 15:32 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3409495467-2586683993-4265649639-1001
2018-03-09 23:16 - 2018-03-09 23:16 - 000003442 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2018-03-09 23:12 - 2018-03-09 23:12 - 000000000 ____D C:\Users\naylc\AppData\Roaming\Macromedia
2018-03-09 23:09 - 2018-03-10 20:58 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD
2018-03-09 23:08 - 2018-03-10 22:22 - 000000000 ____D C:\Users\naylc\AppData\Local\clear.fi
2018-03-09 23:07 - 2018-03-10 20:29 - 000000000 ____D C:\Users\naylc\AppData\Roaming\Adobe
2018-03-09 23:07 - 2018-03-09 23:07 - 000001450 _____ C:\Users\naylc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-03-09 23:07 - 2018-03-09 23:07 - 000000000 ____D C:\Users\naylc\AppData\Local\VirtualStore
2018-03-09 23:06 - 2018-03-09 23:06 - 000000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-03-09 23:06 - 2018-03-09 23:06 - 000000020 ___SH C:\Users\naylc\ntuser.ini
2018-03-09 23:06 - 2018-03-09 23:06 - 000000000 ____D C:\Users\naylc\AppData\Local\OEM
2018-03-09 23:04 - 2018-03-09 23:04 - 000003748 _____ C:\Users\Administrator\AppData\Local\Application.xml
2018-03-09 22:54 - 2018-03-11 04:25 - 000000000 ____D C:\Users\naylc\AppData\Local\SweetLabs App Platform
2018-03-09 22:54 - 2014-03-18 11:13 - 000000369 _____ C:\Users\naylc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2018-03-09 22:54 - 2014-03-18 11:13 - 000000369 _____ C:\Users\naylc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2018-03-09 22:50 - 2018-03-09 23:07 - 000000000 ____D C:\Users\naylc
2018-03-09 22:49 - 2018-03-09 23:04 - 000024768 _____ C:\WINDOWS\diagwrn.xml
2018-03-09 22:49 - 2018-03-09 23:04 - 000024768 _____ C:\WINDOWS\diagerr.xml
2018-03-04 15:24 - 2018-03-04 15:25 - 000000000 ____D C:\OSTotoFolder
2018-03-04 15:14 - 2018-03-04 15:22 - 012175000 _____ (OSToto Co., Ltd.) C:\Users\naylc\Downloads\DriverTalent_setup.exe
2018-03-04 09:31 - 2018-03-04 09:31 - 000000000 _____ C:\Recovery.txt
2018-03-04 00:07 - 2018-03-04 00:07 - 007458601 _____ C:\Users\naylc\Downloads\TouchPad_ELANTECH_13.6.1.1_W81x64_A.zip
2018-03-03 22:35 - 2018-03-03 22:37 - 000000000 ____D C:\Users\naylc\AppData\LocalLow\IObit
2018-03-03 22:32 - 2018-03-03 22:32 - 007189760 _____ (VS Revo Group ) C:\Users\naylc\Downloads\revosetup.exe
2018-03-03 22:26 - 2018-03-03 22:26 - 002178933 _____ (O&O Software GmbH) C:\Users\naylc\Downloads\defraglite.exe
2018-03-03 22:22 - 2018-03-03 22:24 - 013095264 _____ (IObit ) C:\Users\naylc\Downloads\sd5_setup.exe
2018-03-03 22:22 - 2018-03-03 22:22 - 002131032 _____ (Safer-Networking Ltd. ) C:\Users\naylc\Downloads\SpybotAntiBeacon-1.6-setup.exe
2018-03-03 22:18 - 2018-03-03 22:19 - 011217568 _____ (Piriform Ltd) C:\Users\naylc\Downloads\ccsetup540.exe
2018-03-03 22:17 - 2018-03-03 22:20 - 067456464 _____ (Malwarebytes ) C:\Users\naylc\Downloads\mb3-setup-exp89v1.exp89v1-3.3.1.2183-1.0.262-1.0.4030.exe
2018-03-03 22:17 - 2018-03-03 22:18 - 019912008 _____ (IObit ) C:\Users\naylc\Downloads\driver_booster_setup.exe
2018-03-03 22:05 - 2018-03-03 22:05 - 000000000 ____D C:\Users\naylc\Documents\My Bluetooth
2018-02-28 21:56 - 2018-02-28 22:35 - 699004928 _____ C:\Users\naylc\Downloads\OfficeProfessionalPlus_x86_en-us.img
2018-02-16 12:09 - 2018-02-16 12:09 - 001414794 _____ (Igor Pavlov) C:\Users\naylc\Downloads\7z1801-x64.exe
2018-02-13 07:42 - 2018-02-13 07:42 - 000000000 ____D C:\TAXA

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-11 15:31 - 2013-08-22 16:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-03-11 04:32 - 2014-08-21 03:08 - 000730734 _____ C:\WINDOWS\system32\perfh005.dat
2018-03-11 04:32 - 2014-08-21 03:08 - 000151480 _____ C:\WINDOWS\system32\perfc005.dat
2018-03-11 04:32 - 2014-08-21 02:56 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-03-11 04:32 - 2014-03-18 11:03 - 001745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-11 04:32 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2018-03-11 04:29 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-11 04:27 - 2014-07-08 05:50 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-03-11 04:27 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-03-11 04:27 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2018-03-11 04:19 - 2014-08-21 03:26 - 000000000 ____D C:\ProgramData\CyberLink
2018-03-10 22:20 - 2014-07-08 05:50 - 000000000 ____D C:\Program Files\Common Files\mcafee
2018-03-10 22:18 - 2013-08-22 15:44 - 000345256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-03-10 21:58 - 2014-08-21 03:04 - 000000000 ____D C:\ProgramData\Package Cache
2018-03-10 21:45 - 2014-07-08 05:38 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-03-10 21:45 - 2014-07-08 05:38 - 000000000 ____D C:\ProgramData\WildTangent
2018-03-10 21:45 - 2014-07-08 05:38 - 000000000 ____D C:\Program Files (x86)\WildTangent Games
2018-03-10 21:38 - 2013-08-22 16:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-03-10 21:34 - 2014-07-08 05:50 - 000000000 ____D C:\Program Files\mcafee.com
2018-03-10 21:32 - 2013-08-22 16:36 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-03-10 21:23 - 2014-07-08 05:38 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2018-03-10 21:23 - 2014-07-08 05:38 - 000000000 ____D C:\ProgramData\Acer
2018-03-10 21:23 - 2014-07-08 05:38 - 000000000 ____D C:\Program Files (x86)\Acer
2018-03-10 21:21 - 2014-07-08 05:50 - 000000000 ____D C:\WINDOWS\oem
2018-03-10 21:01 - 2014-08-21 03:27 - 000000000 ____D C:\ProgramData\OEM
2018-03-10 20:30 - 2014-07-08 05:47 - 000000000 ____D C:\ProgramData\Adobe
2018-03-10 20:19 - 2014-12-25 18:38 - 000001330 _____ C:\Users\Public\Desktop\Skype.lnk
2018-03-10 20:07 - 2014-12-25 11:36 - 000000000 __SHD C:\Users\naylc\AppData\LocalLow\EmieUserList
2018-03-10 20:07 - 2014-12-25 11:35 - 000000000 __SHD C:\Users\naylc\AppData\LocalLow\EmieSiteList
2018-03-10 20:07 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-10 07:46 - 2013-08-22 16:36 - 000262144 _____ C:\WINDOWS\system32\config\BCD-Template
2018-03-09 23:29 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2018-03-09 23:24 - 2014-11-21 23:32 - 000000000 ____D C:\Users\naylc\AppData\Local\Packages
2018-03-09 23:15 - 2014-07-08 06:08 - 000000000 ___HD C:\OEM
2018-03-09 23:13 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\rescache
2018-03-09 23:07 - 2014-07-08 06:13 - 000000000 ___DC C:\WINDOWS\Panther
2018-03-09 23:03 - 2013-08-22 16:36 - 000000000 __RHD C:\Users\Public\Libraries
2018-03-02 21:34 - 2015-04-03 08:05 - 000007168 ___SH C:\Users\naylc\Thumbs.db
2018-03-02 21:31 - 2014-12-29 21:43 - 010401280 ___SH C:\Users\naylc\Downloads\Thumbs.db
2018-03-02 21:29 - 2014-12-25 17:23 - 000000000 ___RD C:\Users\naylc\Desktop\ja
2018-03-02 16:45 - 2015-03-31 20:56 - 000458240 ___SH C:\Users\naylc\Documents\Thumbs.db

==================== Files in the root of some directories =======

2018-03-09 23:06 - 2018-03-11 14:28 - 000004590 _____ () C:\Users\naylc\AppData\Local\BTServer.log

Some files in TEMP:
====================
2018-03-10 20:33 - 2017-09-28 17:29 - 004964640 _____ (Acer Incorporated) C:\Users\naylc\AppData\Local\Temp\AcerDocsSetup.exe
2018-03-10 20:48 - 2017-10-02 15:04 - 001683232 _____ (Acer Incorporated) C:\Users\naylc\AppData\Local\Temp\AcerPortalSetup.exe
2018-03-10 21:05 - 2017-09-26 12:36 - 001976608 _____ (Acer Incorporated) C:\Users\naylc\AppData\Local\Temp\AOPSetup.exe
2018-03-10 21:05 - 2017-09-26 12:34 - 000301272 _____ (CodePlex Community) C:\Users\naylc\AppData\Local\Temp\Microsoft.Win32.TaskScheduler.dll
2018-03-09 23:35 - 2018-03-09 23:36 - 041424392 _____ (SweetLabs,Inc.) C:\Users\naylc\AppData\Local\Temp\octE17.tmp.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Antivirus (Disabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\naylc\Desktop" je 1738 MB.
 
 
***** Startup Programs *****
 
 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0
    DoNotAllowExceptions    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0
    DoNotAllowExceptions    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000

 
==================== End Of Log ==============================
